Uploaded image for project: 'Commons IO'
  1. Commons IO
  2. IO-70

[io] Add a secureDelete method to FileUtils.java

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 1.3
    • Utilities
    • None

    • Operating System: other
      Platform: All

    • 32144

    Description

      in org.apache.commons.io.FileUtils

      Commons Fileupload uses at least the io's FileCleaner.track() method.
      Unfortunately, they just use the plain java File.delete() method and not a more
      sophisticated delete as offered in this package.

      Especially, if servers running the FileUpload are sitting in DMZs and forward
      all personal/private uploaded information in another (DB-)server behind another
      firewall, one would not want that if the DMZ machine gets hacked, all previous
      uploads that are supposedly deleted still can easily be found on the disk by a
      not even that skilled attacker.

      Therefore, it would be great to have a pgp-wipe alike secure delete method here!
      it would overwrite the file multiple times and probably, it this should be
      spawned as a separte thread since that may take longer than a state-of-the-art
      GUI would want to wait for such an action to complete.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. IO-56 [io] FileCleaner - delete non empty directories

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              ralfhauser Ralf Hauser
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: